CyberSec.Space Logo
CVEブラウザに戻る

CVE-2006-6346

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1120%
EPSS Percentile33.08th
Published2006年12月7日
Last Modified2026年4月23日

Vulnerability Description

Unspecified vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 15 and earlier, and 7.00 Patchlevel 3 and earlier, allows remote attackers to cause a denial of service (service shutdown), obtain sensitive information (configuration files), and conduct certain other unauthorized activities, related to "Undocumented Features." NOTE: it is possible that there are multiple issues. This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. This is likely a different issue than CVE-2006-4134.

Affected Platforms (CPE)

📦
Sap

Internet Graphics Server

<= 6.40_patch_15
📦
Sap

Internet Graphics Server

<= 7.00_patch_3

References & Advisories

🔗 http://secunia.com/advisories/23262
🔗 http://securityreason.com/securityalert/1985
🔗 http://securitytracker.com/id?1017341
🔗 http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_SAP_IGS_Undocumented_Features.pdf
🔗 http://www.securityfocus.com/archive/1/453560/100/0/threaded
🔗 http://www.securityfocus.com/bid/21448
🔗 http://www.vupen.com/english/advisories/2006/4863
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/30766

関連する脆弱性情報

CVE-2008-30139.3

gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Ser...

CVE-2014-02639.3

The Direct2D implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Go...

CVE-2018-23958.8

Under certain conditions a malicious user may retrieve information on SAP Internet Graphic Server (IGS), 7.20, 7.20EXT, 7.45, 7.49...

CVE-2018-23927.5

Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity...